In the modern environment where an individual can gain access to restricted resources, the user authentication becomes a central issue. A widely accepted solution to this problem is based on a combination of the unique login name and the password, which no one but their owner is supposed to know. This solution is not safe: a malicious party may successfully guess or inconspicuously record this information (for instance, with key logging or phishing techniques), and then use it to impersonate the legitimate user and gain access to restricted resources.
There exist a number of approaches that address such a security issue with login names and passwords. Most of these approaches are based on a one-time password or code that can be different for every authentication attempt. Typically, such approaches require specialized hardware. For instance, security tokens often designed as key fobs generate synchronous dynamic passwords with an algorithm kept in tight secret. This password can be independently reproduced by the authenticating authority and matched with a supplied one. More sophisticated security tokens may make use of biometric devices, such as a fingerprint scanner, which guarantees more rigorous authentication. These tokens, however, usually are proprietary and provide authentication for only one resource provider; more universal solution is in demand.
There is another problem for authentication with user name and password. Over time, users typically end up with a number of different login names and passwords, because sometimes a previously used user name is taken, or a previously used password is not deemed as sufficiently secure by an authentication authority. At certain point such a variety of user names and passwords becomes hard to remember and manage. There exist software solutions where users can store user names and passwords, and use a master password for accessing the list. This can be dangerous from the security perspective, as if a malicious party gains access to its content, it gets access to all resources available to the owner. There is a need, therefore, in a single secure authentication solution, which would handle access to multiple resources without significant security compromise.